Security Advisories (1)
CPANSA-Dancer2-2018-01 (2018-01-30)

There is a potential RCE with regard to Storable. We have added session ID validation to the session engine so that session backends based on Storable can reject malformed session IDs that may lead to exploitation of the RCE.

NAME

Dancer2::Plugin::Ajax - a plugin for adding Ajax route handlers

VERSION

version 0.13

SYNOPSIS

    package MyWebApp;

    use Dancer2;
    use Dancer2::Plugin::Ajax;

    # For GET / POST
    ajax '/check_for_update' => sub {
        # ... some Ajax code
    };

    # For all valid HTTP methods
    ajax ['get', 'post', ... ] => '/check_for_more' => sub {
        # ... some Ajax code
    };

    dance;

DESCRIPTION

The ajax keyword exported by this plugin allows you to define a route handler optimized for Ajax queries.

The route handler code will be compiled to behave like the following:

  • Pass if the request header X-Requested-With doesn't equal XMLHttpRequest

  • Disable the layout

  • The action built matches POST / GET requests by default. This can be extended by passing it an ArrayRef of allowed HTTP methods.
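
The header check and the default method list can be exercised in-process. This is an added example, not part of the plugin's documentation; it assumes Dancer2, Plack::Test, HTTP::Request::Common and Test::More are installed, and the second `get` route and the response bodies are constructed for illustration.

```perl
#!/usr/bin/env perl
# Added example, not part of the plugin's documentation.
use strict;
use warnings;

{
    package MyWebApp;    # package name taken from the SYNOPSIS
    use Dancer2;
    use Dancer2::Plugin::Ajax;

    # Answers GET/POST only when X-Requested-With is XMLHttpRequest.
    ajax '/check_for_update' => sub { '<update available="0"/>' };

    # Constructed fallback: receives requests the ajax route passes on.
    get '/check_for_update' => sub { 'plain page' };
}

use Test::More;
use Plack::Test;
use HTTP::Request::Common qw(GET POST PUT);

my $test = Plack::Test->create( MyWebApp->to_app );
my @xhr  = ( 'X-Requested-With' => 'XMLHttpRequest' );

# Header present: GET and POST both reach the ajax handler.
for my $req ( GET( '/check_for_update', @xhr ), POST( '/check_for_update', @xhr ) ) {
    is $test->request($req)->content, '<update available="0"/>',
        $req->method . ' with the header reaches the ajax handler';
}

# Header absent: the ajax route passes and the next matching route answers.
is $test->request( GET '/check_for_update' )->content, 'plain page',
    'GET without the header falls through to the ordinary route';

# Header absent and no other POST route: nothing matches, so 404.
is $test->request( POST '/check_for_update' )->code, 404,
    'POST without the header matches no handler';

# PUT is outside the default method list, header or not.
is $test->request( PUT '/check_for_update', @xhr )->code, 404,
    'PUT is not routed unless listed explicitly';

# The header is supplied by the client, so this is request routing only;
# any authorization check still belongs inside the handler.
done_testing;
```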

CONFIGURATION

By default the plugin will use a content-type of 'text/xml', but this can be overridden with the plugin setting 'content_type'.

Here is an example that uses JSON:

    plugins:
      Ajax:
        content_type: 'application/json'

AUTHOR

Dancer Core Developers

COPYRIGHT AND LICENSE

This software is copyright (c) 2014 by Alexis Sukrieh.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.